Security News

Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
2022-08-09 17:30

Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. The Kali Team knows the importance of practicing instead of relying on theory, and for infosecurity professionals, test labs are a way to test tools and hone their own skills in a legal environment.

Slack leaked hashed passwords from its servers for years
2022-08-08 11:45

Did Slack send you a password reset link last week? The company has admitted to accidentally exposing the hashed passwords of workspace users. Slack said only 0.5 percent of users were affected, which doesn't sound too terrible until you consider how many Slack users are out there.

New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
2022-08-07 04:29

"This family borrows heavily from the original Mirai source code, but what separates it from other IoT malware families is its built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai," Fortinet FortiGuard Labs said in a report. The malware, which gets its name from an embedded URL to a YouTube rap music video in an earlier version, is said to have amassed a growing collection of compromised SSH servers, with over 3,500 unique IP addresses used to scan and brute-force their way into the servers.

New GwisinLocker ransomware encrypts Windows and Linux ESXi servers
2022-08-06 14:05

A new ransomware family called 'GwisinLocker' targets South Korean healthcare, industrial, and pharmaceutical companies with Windows and Linux encryptors, including support for encrypting VMware ESXi servers and virtual machines. On Wednesday, Korean cybersecurity experts at AhnLab published a report on the Windows encryptor, and yesterday, security researchers at ReversingLabs published their technical analysis of the Linux version.

New Linux malware brute-forces SSH servers to breach networks
2022-08-04 16:22

A new botnet called 'RapperBot' has been used in attacks since mid-June 2022, focusing on brute-forcing its way into Linux SSH servers to establish a foothold on the device. Over the past 1.5 months since its discovery, the new botnet has used over 3,500 unique IPs worldwide to scan and attempt to brute-force Linux SSH servers.

Microsoft SQL servers hacked to steal bandwidth for proxy services
2022-07-28 17:26

Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies rented through online proxy services. To steal a device's bandwidth, the threat actors install software called 'proxyware' that allocates a device's available internet bandwidth as a proxy server that remote users can use for various tasks, like testing, intelligence collection, content distribution, or market research.

MS-SQL servers hacked to steal bandwidth with proxyware
2022-07-28 17:26

Threat actors have been adopting a less common method to generate revenue and are leveraging payloads to install proxyware services on target systems. Proxyware is a program that allows allocating available internet bandwidth over a proxy to users that need it for various tasks, like testing, intelligence collection, content distribution, or market research.

Microsoft Exchange servers increasingly hacked with IIS backdoors
2022-07-26 18:01

Microsoft says attackers increasingly use malicious Internet Information Services web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells. Microsoft previously saw custom IIS backdoors installed after threat actors exploited ZOHO ManageEngine ADSelfService Plus and SolarWinds Orion vulnerabilities.

ESG Cyber Resiliency Research Server Cut
2022-07-26 00:00

Cyber resiliency is now an essential requirement for any business. Given the threat to data and IT servers, businesses must invest in cyber-resiliency strategies to reduce operational risk.

Microsoft reminder: Windows Server 20H2 reaches EOS next month
2022-07-24 14:06

Microsoft has reminded customers once again that Windows Server, version 20H2, will be reaching its End of Service in less than a month, on August 9. "On August 9, 2022, all editions of Windows Server, version 20H2 will reach end of servicing. The upcoming August 2022 security update, to be released on August 9, 2022, will be the last update available for this version," Microsoft said in a Windows message center update this week.